[nsp-sec] Paging 5089 and 2856 - Live Phishing site -> Navy FederalCredit Union Online Account Suspended

Thu May 15 12:45:27 EDT 2008

Ack 2856

Passing onto the abuse team to deal with.

Regards
 Graeme

-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Joel Rosenblatt
Sent: 15 May 2008 17:32
To: nsp-security at puck.nether.net
Subject: [nsp-sec] Paging 5089 and 2856 - Live Phishing site -> Navy
FederalCredit Union Online Account Suspended

----------- nsp-security Confidential --------

Live Phish

<http://www.circad.co.uk/catalog/images/navyfcu.org>

AS      | IP               | AS Name
5089    | 62.254.210.48    | NTL NTL Group Limited
2856    | 195.99.190.38    | BT-UK-AS BTnet UK Regional network

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel

Return-Path: <iso2101 at columbia.edu>
Received: from liverwurst.cc.columbia.edu ([unix socket])
	 by liverwurst.cc.columbia.edu (Cyrus v2.3-alpha) with LMTPA;
	 Thu, 15 May 2008 12:14:30 -0400
X-Sieve: CMU Sieve 2.3
Received: from cayenne.cc.columbia.edu (cayenne.cc.columbia.edu
[128.59.28.166])
	by liverwurst.cc.columbia.edu (8.13.1/8.13.1) with ESMTP id
m4FGETnJ000478;
	Thu, 15 May 2008 12:14:29 -0400
Received: from cayenne.cc.columbia.edu (localhost [127.0.0.1])
	by cayenne.cc.columbia.edu (8.14.1/8.14.1) with ESMTP id
m4FGERqS001800
	for <copyright-reports at columbia.edu>; Thu, 15 May 2008 12:14:28
-0400 (EDT)
Received: (from iso2101 at localhost)
	by cayenne.cc.columbia.edu (8.14.1/8.14.1/Submit) id
m4FGER44001798
	for copyright-reports at columbia.edu; Thu, 15 May 2008 12:14:27
-0400 (EDT)
Received: from e-birlik.org (mail.e-birlik.org [213.194.80.150])
	by cayenne.cc.columbia.edu (8.14.1/8.14.1) with ESMTP id
m4FGELMo001771
	for <copyright-abuse at columbia.edu>; Thu, 15 May 2008 12:14:27
-0400 (EDT)
Received: from User ([155.212.205.139]) by e-birlik.org with MailEnable
ESMTP; Thu, 15 May 2008 19:12:58 +0300
Reply-To: <service at navyfcu.org>
From: "service at navyfcu.org"<service at navyfcu.org>
Subject: Navy Federal Credit Union Online Account Suspended
Date: Thu, 15 May 2008 12:15:02 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID: <C95C4AAB50D74B378E3B4D793183E993.MAI at e-birlik.org>
To: undisclosed-recipients:;
X-CU-Abuse-Report: exempt from filtering
X-Scanned-By: MIMEDefang 2.63 on 128.59.28.166
X-Scanned-By: MIMEDefang 2.63 on 128.59.28.166
X-No-Spam-Score: Local

Dear Navy Federal Credit Union Member,

You have one new security message at  Navy Federal Credit Union  Inbox
Mail System.

INBOX ( 1 )

From:  Navy Federal Credit Union  Member Service
Subject: Navy Federal Credit Union  Account Suspended

To go to your Navy Federal Credit Union  Inbox please click on the link:

http://www.circad.co.uk/catalog/images/navyfcu.org

Thank You

 Navy Federal Credit Union  Team

_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security

Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures. _______________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5944 bytes
Desc: not available
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20080515/b3785d68/attachment-0001.bin>